Building a Computer Network Test Lab
What you'll learn
- Configure virtual machines and virtual machine networks (the training uses VMware vSphere, but you can use any other virtualization technology)
- Installing Windows operating systems – Win7, Win10, Win2016, Win2019, Active Directory, Group Policy Objects
- Installing Linux operating systems – Ubuntu 18.04, Ubuntu 20.04, CentOS8
- Installing OPNsense firewall and configuring DHCP and basic firewall rules
- Installing Kali Linux for attacking and penetration testing
- Installing REMnux Linux and FlareVM for forensics
- Installing Splunk Free version for log collection and on-boarding Windows and Linux systems
- Installing Security Onion and AlienVault OSSIM for intrusion detection
- Configure time sync using NTP, backup
- Getting installer images for all the tools presented in this training
- Configure basic Active Directory and Group Policies
Requirements
- Basic IT knowledge and minimal experience with at least one virtualization technology
- Only publicly available software that is free, open source, or free for personal/educational use will be used (if we consider Microsoft products as such)
- A virtualization technology is required. I will use VMware vSphere, but it is almost the same with VirtualBox or VMware Workstation.
- You can set up any one of these virtual machines by itself, without the rest of the machines. Recommended: 16+ GB RAM and 100+ GB for 3 desktop/server VMs
- Internet connection
This course will help you build your own computer network testing environment, be it a simple Active Directory, Splunk for log collection, intrusion detection, or Windows or Linux operating systems.
You can implement all or only a few of the systems we are going to discuss during the course, depending on your needs and available resources. I recommend using a local virtualization technology with 16GB RAM minimum, like vSphere, VMware Workstation, VirtualBox or similar.
The network setup will consist of two subnets, one being a "sandbox" where most systems will be installed. The second subnet will be the one for collecting logs and for forensics computers.
The training will cover:
- installing different operating systems, like: Windows 7, Windows 10, Windows Server 2016, Windows Server 2019, Ubuntu Linux, CentOS Linux.
- installing security appliances: Security Onion, AlienVault OSSIM.
- installing and configuring OPNsense firewall by separating
- installing and configuring services: Active Directory, Splunk SIEM, OPNsense firewall, time sync using NTP.
This will allow you to test out solutions without the risk of damaging a production environment.
The course gives you directions on how to set up these systems, and shows you one use case at this time. I will continue adding more content as I develop more, and update the content based on feedback.
The training does not focus on lexical knowledge and does not explain what the different tools do in general. I assume that you either Google those or already have an idea about each solution. For example, I am not going to explain in detail what a SIEM is used for. We are going to set it up and use it.
This training focuses on giving you the technical knowledge to get systems up and running as quickly as possible and working with each other in a network.
Who this course is for:
- Anyone interested in setting up a computer lab with different operating systems to test configurations and software, analyze network traffic, try hacking techniques or implement defense techniques
- Anyone who has always wanted to set up their own computer lab but didn't know how to start
- Interested in learning how to install a basic Active Directory environment with custom Group Policy Objects applied to specific devices
- Interested in setting up your own Vulnerability Scanner, Intrusion Detection System and SIEM/central log collector
I am an experienced IT security expert with several years of background in IT operations, IT audit, IT security consulting, penetration testing and cyber incident response management. I would like to share what I've learned over the years with the community to help everyone who needs a little guidance on the path. Incident response is my primary field of interest, but I am always interested in learning new technologies and figuring out how security is integrated and where the gaps in the protection are.